fluidasserts.cloud.aws.cloudformation.cloudfront module

AWS CloudFormation checks for CloudFront (Content Delivery Network).

fluidasserts.cloud.aws.cloudformation.cloudfront.serves_content_over_http(path, exclude=None)

Check if Distributions are serving content over HTTP.

Parameters
  • path (str) – Location of CloudFormation’s template file.

  • exclude (typing.Optional[typing.List[str]]) – Paths that contains any string from this list are ignored.

Returns

  • OPEN if ViewerProtocolPolicy attribute is set to allow-all.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.cloud.aws.cloudformation.cloudfront.serves_content_over_insecure_protocols(path, exclude=None)

Check if Distributions are using the strongest protocol from AWS.

Parameters
  • path (str) – Location of CloudFormation’s template file.

  • exclude (typing.Optional[typing.List[str]]) – Paths that contains any string from this list are ignored.

Returns

  • OPEN if MinimumProtocolVersion attribute is set to SSLv3, TLSv1, TLSv1_2016, or TLSv1.1_2016 protocol.

  • OPEN if OriginSSLProtocols attribute is set to SSLv3, TLSv1, or TLSv1.1 protocol.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result